Hacker News new | ask | show | jobs
by otabdeveloper4 248 days ago
The SPIFFE standard does something like this.

It's not used by anyone because nobody actually gives a shit about security, the entire industry is basically a grift.
1 comments
ants_everywhere 248 days ago
Lots of projects use SPIFFE, but lots of people don't like the new tech because they think the old ways are simpler
link
otabdeveloper4 247 days ago
After trying to get SPIFFE mTLS to work with Python asyncio and giving up, I'm sure "lots of projects" is an overstatement.

Even basic parts of the tech stack aren't there yet.

link
ants_everywhere 247 days ago
Several big CNCF security projects use it. Normally you'd just add sidecars to your asyncio service.
link
otabdeveloper4 247 days ago
No, normally you would just add a parameter to your ssl context constructor.

"Sidecars" is a crazy hack that only applies if you use k8s and containers, which I'm obviously not.

link